Cyber Bites

For the past three months, a cybercrime group has been hacking into home routers --mostly D-Link models-- to change DNS server settings and hijack traffic meant for legitimate sites and redirect it to malicious clones. The attackers operate by using well-known exploits in router firmware to hack into vulnerable devices and make silent changes to the router's DNS configuration, changes that most users won't ever notice. Source: ZDNet

Check Point's research team tried the April Fools snake game added by Google inside the Android and iOS Google Maps apps and, after failing to play it for as long as they wanted, they reverse engineered it, stuck an auto-play AI inside, and removed the "loss" factor altogether.This happened because they were too busy researching cyber threats all day long to keep playing it for hours on end.Seriously though, they just decided to hack it...

Nearly half (48%) of all malicious files detected in the past 12 months were some kind of document, an email analysis by researchers at Barracuda Networks has revealed. More than 300,000 unique malicious documents were identified in the study, which researchers said indicates an alarming rise in the use of document-based malware.This trend appears to be gaining momentum, with 59% of all malicious files detected in the first quarter of 2019 being documents, compared with...

A recent investigation by virtualization company Bromium has discovered that US-based web servers were being used by cybercriminals to host and distribute banking trojans, information stealers and ransomware.The firm analyzed its own threat data as well as public data between May 2018 and March 2019 to reveal that malicious threats were originating from web servers in Las Vegas, Nevada registered under the name PONYNET and hosted on BuyVM data centers.BuyVM is actually owned by FranTech...

The ultrasonic fingerprint scanner feature in the Samsung Galaxy S10 can be duped into unlocking the device with the help of a 3D printed fingerprint stolen from its owner as shown by Reddit user darkshark9.According to Samsung's description, to use the in-screen fingerprint scanner one only has to "Simply touch the glass to unlock. We've moved security from the back of the phone to the front, fusing the Ultrasonic Fingerprint directly into the screen." Source:...

The smartphone video game Flappy Bird was removed from smartphones in 2014 by its creator, Dong Nguyen, because it was too addictive. But the program lives on as an inspiration to deep learning researchers. Specifically, International Business Machines scientists this week unveiled research into how machines can continually learn tasks, including playing Flappy Bird, improving over time rather than learning one level of play and stopping at that.Known as lifelong learning, or continuous learning, the...

NSA today finally released the complete source code for GHIDRA version 9.0.2 which is now available on its Github repository.GHIDRA is agency's home-grown classified software reverse engineering tool that agency experts have been using internally for over a decade to hunt down security bugs in software and applications.GHIDRA is a Java-based reverse engineering framework that features a graphical user interface (GUI) and has been designed to run on a variety of platforms including Windows, macOS,...

Over the past five months, the London Blue cybercriminal group has been running business email compromise (BEC) scams against employees in Asia working for companies based mostly in the United States, Australia or Europe.The corporate fraudsters rely on a new database of about 8,500 financial executives from close to 7,800 different companies in the world (most of them in the U.S.). This is almost six times smaller than the previous collection of targets, which contained...

Xiaomi has patched a security flaw in Guard Provider, the default security app included with all recent Xiaomi smartphones. The vulnerability would have allowed attackers to inject traffic heading towards the Guard Provider app, and insert malicious commands that would have allowed a threat actor to run malicious code to take over the phone, install malware, or steal users' data. Source: ZDNet

Over 58,000 Android users had "stalkerware" installed on their phones last year, researchers from Kaspersky Lab have revealed today. Of these, more than 35,000 had no idea about stalkerware being present on their Android devices until they installed Kasperksy's mobile antivirus, which flagged the infection.Kaspersky's findings come to confirm a growing trend in the information security industry, where security researchers are seeing an increase in the use of stalkerware-like products, from both normal users and...